← Back to Skills Marketplace
huanz

Filesystem Access

by bukas · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
1947
Downloads
1
Stars
14
Active Installs
1
Versions
Install in OpenClaw
/install filesystem-access
Description
安全的本地文件读/写/列表能力,默认只在 OpenClaw workspace 目录内工作。
README (SKILL.md)

使用建议

  • 当你需要查看、编辑或列出工作区内的文件时使用本技能。
  • 仅访问相对路径或工作区子目录,避免越权访问用户其他目录。
  • 典型场景:查看日志、生成 Markdown 报告、保存脚本或配置文件。

安全约束

  • 禁止在 workspace 之外执行写入操作。
  • 避免删除用户重要文件,如配置、源码或系统文件。
Usage Guidance
This skill is essentially a set of rules rather than an enforced sandbox. Before installing, verify how your OpenClaw runtime enforces 'workspace-only' file access (OS chroot/namespace, process-level sandbox, or an API that only exposes workspace paths). Ask the platform owner: does the agent process actually get prevented from reading/writing outside the workspace? If not, treat this as having full filesystem access and only enable it when you trust the agent and logs/auditing. Consider: 1) testing with a harmless file outside the workspace to confirm enforcement, 2) limiting autonomous invocation or requiring manual approval for file operations, 3) ensuring audit logs capture file reads/writes, and 4) avoiding giving this skill access if you must protect secrets or system files.
Capability Analysis
Type: OpenClaw Skill Name: filesystem-access Version: 1.0.0 The skill bundle contains only metadata and descriptive instructions for filesystem access within a restricted workspace. There is no executable code or malicious prompt injection present; the instructions in SKILL.md explicitly emphasize safety constraints and restricted access to the OpenClaw workspace.
Capability Assessment
Purpose & Capability
The name/description promise a safe, workspace-only file read/write/list capability. However, the skill requests no OS-level sandboxing, config paths, or credentials that would technically limit access to a workspace. For an actual workspace-only file-access feature, one would expect either platform-level enforcement details or instructions referencing a specific sandboxed API or path—those are missing.
Instruction Scope
SKILL.md contains policy-style guidance (use relative paths, do not write outside workspace) but no concrete, constrained commands or checks. That makes safe behavior advisory rather than enforced: an agent could ignore the guidance and access arbitrary files unless the runtime enforces limits.
Install Mechanism
No install spec and no code files are present. That minimizes supply-chain/code-execution risk because nothing is downloaded or installed by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. There are no disproportionate secret requests.
Persistence & Privilege
The skill is default-autonomous-invocable (platform default). While 'always: true' is not set, the combination of autonomous invocation and non-enforced, advisory constraints increases the risk that the agent could access files outside the workspace without explicit user approval.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install filesystem-access
  3. After installation, invoke the skill by name or use /filesystem-access
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
filesystem-access 1.0.0 - 初始发布,提供安全的本地文件读、写、列表功能。 - 默认仅在 OpenClaw workspace 目录内运行,限制对其他目录的访问。 - 加强安全约束,禁止跨目录写入和误删重要文件。 - 适用于查看日志、生成报告及管理工作区内脚本与配置文件。
Metadata
Slug filesystem-access
Version 1.0.0
License
All-time Installs 15
Active Installs 14
Total Versions 1
Frequently Asked Questions

What is Filesystem Access?

安全的本地文件读/写/列表能力,默认只在 OpenClaw workspace 目录内工作。 It is an AI Agent Skill for Claude Code / OpenClaw, with 1947 downloads so far.

How do I install Filesystem Access?

Run "/install filesystem-access" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Filesystem Access free?

Yes, Filesystem Access is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Filesystem Access support?

Filesystem Access is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Filesystem Access?

It is built and maintained by bukas (@huanz); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments